10 Open Source Challenges
The open source movement is flourishing like never before, but these challenges could hinder further growth.
Developers love to reuse open source code because it makes their jobs easier, but incorporating open source code into custom applications presents some challenges for enterprises. According to the Black Duck survey, nearly half of enterprises don't track their open source code. That makes it very difficult to keep patches up to date. If researchers find a vulnerability in an open source project, companies may have that same bug in their internal applications and not realize it. In fact, about a third of companies don't even have a process for tracking or fixing security vulnerabilities in the open source code they use.
In the early days of the open source movement, proponents sometimes argued that open source usage was so small that hackers wouldn't bother trying to find vulnerabilities in open source software. Plus, they said, having multiple developers involved in a project made it much less likely that any vulnerabilities would exist. Several recent security incidents have proven that these arguments no longer apply — if they ever did. If the open source movement is to survive, developers and corporate users need to find better ways to handle security issues.
Most open source software relies on users to install updates manually, and projects often make it possible to download several different versions of the same applications. As a result, many companies find themselves using several different versions of the same tools, which can lead to compatibility problems, confusion and poor performance.
According to Black Duck, half of companies don't have any formal policy for selecting and approving open source code, and among the companies that do have a policy, half of them don't really enforce it. Some say the open source community needs a better way to disseminate updates that would make the process easier while still giving users the flexibility they want.
3. Licensing Issues
Some open source licenses are more restrictive than others. For example, the very popular GPL license requires that derivative code be distributed only under the GPL license. This can be problematic for enterprises that aren't tracking the open source code their developers are reusing within their applications.
Complicating matters, some open source projects have changed their licenses over the years, and a certain version of software may be covered by one license, while another version is covered by another. Organizations need to make sure that they are complying with these license provisions, but some observers argue that open source projects aren't always making it easy to do so.
4. Too Many Contributors
More developers are contributing to open source projects than ever before, and in general, that's a good thing for the movement.
However, this success also has a downside. As projects attract more contributors it becomes increasingly difficult to keep track of what is happening with the code and to ensure that the level of quality remains high. For example, according to the Linux Foundation, more than 13,500 developers have contributed to the Linux kernel. And they are adding nearly 11 files and 4,600 lines of code every day. While most open source projects don't have that same sort of scale, it's easy to see how projects can grow larger than their original creators can manage. In the worst-case scenarios, progress on the project can grind to a halt while maintainers sort through all the contributions they are receiving.
5. Corporate Sponsorship
The classic image of an open source developer is a hobbyist working alone in his spare time just for fun. But while amateur developers still play a large role in open source development, these days many contributors are employed full-time by a company that sponsors open source projects.
The 2016 Future of Open Source Survey from Black Duck found that 65 percent of companies surveyed were contributing to open source projects, and 67 percent actively encourage their developers to contribute to open source projects. In addition, the Linux Foundation says that more than 1,300 companies have contributed code to the Linux kernel.
While the money that comes with corporate sponsorship has been a boon for the open source movement, some within the community have expressed concerns. They worry that projects will become slaves to a particular organization's influence rather than providing good for the community as a whole.
The open source community's treatment of women is an extremely controversial topic. One recent study appeared to show that female developers were more likely than men to have their code accepted by an open source project, but only if no one knew that they were women. However, others argued that this was a misinterpretation of the data and that open source projects were actually biased in favor of women.
Rightly or wrongly, the fact remains that the open source movement has developed a reputation for being hostile to women. While more women are entering the development profession, some remain leery of participating in open source projects. If the situation doesn't change, the open source movement may not attract contributions from some very talented programmers.
7. Internal Strife
Some within the open source community have argued that it's wrong to say open source leaders are sexist because they aren't just mean to women — they're mean to everyone. Many project leaders, including Linus Torvalds, have earned a reputation for being less than patient with contributors whose code they consider subpar. That makes some young developers hesitant to become involved. But the movement needs to attract new blood if it is going to be able to keep up with its rate of growth.
In the same vein, the history of the open source movement is littered with projects that have been forked because key contributors simply couldn't get along. Of course, there are times when a fork is the best course of action, but often, diluting the talent pool to work on competing projects slows the pace of innovation.
In response to criticisms about their communication and management style, some open source leaders say that the real problem lies with the newbie developers. They say that it takes so much hand-holding and training to get new contributors up to speed that it isn't really worth it. They say that new developers are getting all the benefit, while the project would be better off being managed as a strict meritocracy.
On the flip side, some within the community are actively working to make open source more welcoming to newcomers. Initiatives like Google Summer of Code are giving young people a way to gain experience in an effort to encourage them to become lifelong open source contributors.
But these sorts of efforts require a lot of work. The open source movement needs to find a balance between attracting newcomers and holding itself to high standards.
Many organizations and individual users are attracted to the simplicity of cloud-based software. With software as a service (SaaS), users get access to the latest version of an application from any device they choose, all for a low flat monthly fee.
Quite a few open source projects have embraced the cloud as a way to monetize their offerings. But some open source leaders, like Richard Stallman, have argued that the cloud is a threat to open source software. They say the ease of SaaS entices people to use proprietary software and give up the freedom that true open source code offers. Time will tell if the cloud increases the use of open source software or decreases it.
Years ago, Microsoft was the open source movement's biggest corporate opponent. But today, the Windows maker has embraced open source. Much of its software now supports Linux, and the company contributes to many open source projects.
In fact, most of the world's largest technology companies are big supporters of open source with one notable exception — Apple. The company's proprietary "walled garden" approach is the antithesis of the open source movement. But this approach hasn't cost it users: according to NetMarketShare, iOS has 32.03 percent of the worldwide mobile market, and according to Canaccord Genuity, Apple accounted for 92 percent of smartphone profits during the fourth quarter of 2016. Some believe the company's dominance in mobility could present one of the biggest existential threats the open source movement faces.
For the open source movement, things seem to be going better than ever. Desktop Linux still hasn't caught on the way advocates had hoped, but within the enterprise, open source is becoming the norm. A Black Duck survey found that 65 percent of enterprises increased their use of open source software in 2016, and open source software is dominating in areas like big data analytics, containerization, development tools, cloud infrastructure, the Internet of things (IoT) and others.
However, if the community is going to continue to thrive, it will need to find a way to deal with some very big challenges.
As open source usage has increased, projects have sometimes struggled to scale with demand. And as enterprise developers incorporate more open source code into their own applications, their organizations face headaches related to security, compatibility, licensing and more.
This slideshow highlights ten open source challenges that could pose an existential threat to the movement itself.